The less data is exposed, the safer it is. To ensure that only eligible users have access to critical systems and data, you need to know their NTFS permissions include only what they need to do their jobs. One way to view a list of security permissions to files and shared folders on Windows servers in your network is to perform permissions reporting using Microsoft PowerShell. With the help of a PowerShell script, you can export folder permissions to a CSV file and open it in Excel, so you can spot users with unnecessary permissions, adjust those permissions to align with your data security policy, and thereby minimize the risk of a data breach. However, with this PowerShell permissions reporter option, be ready to spend some time on scripting and then looking through the mountains of data you get.

Netwrix Auditor for Windows File Servers simplifies the work of understanding and right-sizing permissions. Simply specify the folder paths that interest you most and immediately see which accounts have access to them, what exact permissions they have and how these permissions were granted (directly or via group membership). With these details in hand, you can improve the security of your sensitive data, reduce data exposure and minimize the risk of data compromise.